"Use a strong password" is a common advice on the web. A strong password should be able to protect your account, but there is no use of a strong password if you, the password maker, can't remember it. Creating a strong password can be easy to some and difficult to others. But to everyone, strong passwords are difficult to remember.
Password protection is important in the current digital age. As computers are becoming more powerful, strong password needs to be more complex than ever.
Some people believe that combining the alphabets and numbers as a password is strong enough and difficult to hack. The answer is plainly wrong. Hackers, aided by their software, have become more efficient that passwords we think are strong enough are increasingly easier to crack.
As a user on the web that needs to protect an account, what should you do? How do you come up with a password that is both difficult to crack but easy to remember?
To help you out, below is the strategy of a strong password you can follow:
- 12 characters minimum. The longer the better.
- Combination of numbers, symbols, capital letters and lowercase letters: Mixing all of them.
- Not in a dictionary. Words and combination of words taken from a dictionary are the most obvious.
- Not obvious substitutions: Using a number to change a letters as a substitute is common (i.e. "H0use).
- Uppercase letters. For example: A, B, C.
- Lowercase letters. For example: a, b, c.
- Numbers. For example: 0, 1, 2, 3, 4, 5, 6, 7, 8, 9.
- Symbols. For example: ` ~ ! @ # $ % ^ & * ( ) _ - + = { } [ ] \ | : ; " ' < > , . ? /".
Passwords That Only You Can Remember
Creating a strong password is one thing. Remembering it is another.
Software that hackers and crackers use are also becoming more sophisticated. They can use different dictionaries, combine words in multiple languages, use names, insert foreign words, add phonetic patterns and so on for roots; two digits, dates, single symbols and so on for appendages. The software can run the dictionaries with various capitalizations and common substitutions: "$" for "s", "@" for "a", "1″ for "l" and so on. This guessing strategy quickly breaks about two-thirds of all passwords.
With that ability, how can you create an strong memorable password? Creating a strong password is all about creating something unique; so unique that only you can remember.
So beside using substitution letters/numbers and words in the dictionary, you password should not include your name, you birthday date as well as your family members', your pet, and any of your personal information. If you do want to use part of your personal information as a password, you have to combine those letters/numbers with other symbols. For example, you can select a random word from your personal information and insert letters, symbols and numbers into the beginning, middle and at the end.
Using longer password is the other option. A password with 5 letters has 10 billion possible combinations, and can be cracked seconds seconds. A six-letter password would take longer. But as computers are getting more powerful, hackers can expect to crack longer passwords with relatively shorter period. But still, the longer your password, the longer it will take to crack. For each additional character you add to your password, the amount of time it would take to guess increases.
To help yourself create and remember your strong passwords, combine the already mentioned strategy of a strong password with the following tips:
1. Create an acronym from an easy-to-remember piece of information.
2. Substitute numbers, symbols, and misspellings for letters or words in an easy-to-remember phrase.
3. Relate your password to a favorite thing, celebrity, your hobby or sport, etc..
Managing Your Passwords
As more internet services you use, the more you need to memorize passwords. Creating and remembering a unique password is challenging on its own, much less doing it multiple times.
How many accounts do you have online on the web? 10? 20? Or even more? How can you expect your brain to remember each and every one of them without effort? Since reusing passwords is not a safe theory, how do you manage to create many unique passwords, never reuse any of them, but sill able to log in with speed and efficiency?
There are a number of solutions to help you out.
The first is to use password management tools. These tools will store your passwords for you (and a;so able to provide random new passwords when needed). All you need to do is remember a single master password that grants you access to all stored data. The password that you keep secured are encrypted so they can be stored safely.
The disadvantage of this method: If you forgot that master password, the chances are you'll lost all your stored password because you can't see them anymore, and will not be able to enter any of the accounts assigned with them, unless you remember some of them. And if that password got cracked, all data in it will be compromised
The second is to use strong passwords just for important services, and use random but not-so-easy to remember passwords for the rest. For example, your strong password is to open your email account in which it's used to register to other online services. If there is the moment you forgot the passwords to those online services, you're still able to reset your password since most online services requires you to only remember your email address used in registration.
The risk here is that if the strong password for your email got cracked, all of your online services account that were registered with it can be compromised.
Conclusion
Your "unbreakable" password can be indeed securing your account. But there is no saying how strong it can be if opposed against time and machines. There is always a possibility that at the end of the day, your unique and strong password got hacked and everything in it got compromised.
You should never think you are completely secure, especially on the web. As an advice, change your password frequently, never reuse passwords, and always make any new passwords unrelated to the old ones.